General

  • Target

    47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102.bin

  • Size

    760KB

  • Sample

    241102-1z831sxbnq

  • MD5

    6e0c858b85abf9555dfebceff728b06a

  • SHA1

    951e0ee39ee179073e1f421a952f3aa44180e5a3

  • SHA256

    47569886e74b789f660d76154faf44b92698d2d62777bf29ab3620c1010be102

  • SHA512

    4a4987ca136d1dd6a24837ba1581dc2ad3b5e8d746b007f19860eee3cc0fdcab8458745cb36b30707ea5ca2aa3e21cdd0a0ae0733c216c45a01683d2f9bc659c

  • SSDEEP

    12288:64O0Ia1a8LdeYzuNyu7yDH5WmpYshXZPbGwidNpghW:6Vra1a6eYiyEyDH5WmD9idNp/

Malware Config

Extracted

  • Family

    spynote

  • C2

    192.168.1.12:4433

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings

MITRE ATT&CK Mobile v15

Tasks